TNW Sites

Why you should not store your cryptos on an exchange (but use a wallet instead)

On a Friday morning in late January, the users of Coincheck, a Japan-based cryptocurrency exchange, logged in to find their wallets empty of NEM tokens, a cryptocurrency specialized for payments and other financial services.

But this wasn’t a temporary server outage, a common problem most exchanges have been grappling with since cryptocurrencies went on a crazy price surge in 2017. Earlier that day, hackers had allegedly compromised Coincheck’s servers and stolen 500 million NEMs (worth $400 million at the time the incident happened), the cryptocurrency equivalent of robbing a bank.

Cryptocurrency exchanges—and by extension their users—have been falling victim to hackers for years. In 2014, following a big heist at Mt. Gox, another Japanese exchange, the price of bitcoin took a deep plunge. Bitstamp, Bitfinex and Etherdelta are the names of just some of the other crypto-exchanges that have been compromised in the years that followed.

Yet many users make the mistake of storing all their cryptocurrencies in exchanges while there are alternatives that can store your digital fortune without compromising your security. Here’s what you need to know about different cryptocurrency wallet types and how they can serve your different needs.

Cryptocurrency exchanges: convenient but unsafe

Blockchain, the distributed ledger technology underlying cryptocurrencies, was designed to fend off cyberattacks. And that stands true only as long as you stay true to its basic principles.

Every cryptocurrency address on the blockchain is tied to a pair of private and public encryption keys. The public key allows other users to send money to that address, while the private key enables the owner of the address to send payments to other addresses. This means that, as the holder of bitcoins or other digital currencies, your funds are secure only if you keep your private key, well… private.

Cryptocurrency exchanges store private keys on behalf of their users. In exchange they enable their users to easily trade between fiat or digital currencies. But this also burdens them with the responsibility of securing all those cryptocurrency accounts and the private keys that go with them.

To be fair, most exchanges have dedicated security teams and do a decent job of protecting their stash of private keys against cybercriminals. However, the mere fact that they store thousands and millions of private keys make them attractive targets for motivated and well-resourced hackers.

As the saying goes, cybersecurity experts must win every battle—hackers only need to win one. In the case of cryptocurrency exchanges, a single loss can lead to the disappearance of hundreds of millions of dollars.

You should also take note that since the cryptocurrency and token sale industry is still largely unregulated, there is plenty of room for fraudsters and scammers to make a quick buck, especially if they hold control of the private keys of unsuspecting users in a bogus exchange.

Desktop wallets: the inconvenient alternative

A secure alternative to cryptocurrency exchanges are wallet applications you can install on your own computer. Desktop wallets store and manage private keys on your computer, which means you don’t need to worry about your secrets sitting in a server located thousands of miles away and being surrounded by hordes of crypto-hungry hackers.

However, desktop wallets come with their own trade-offs. Many desktop wallets require you to download the entire blockchain of the cryptocurrency they provide access to. In the case of bitcoin, the size of the blockchain is over 150GB at the time of the writing. This limits their use to desktop and laptop PCs, which makes them impractical if you want to send crypto payments from your smartphone or tablet.

Desktop wallets can also become compromised if you don’t have sound IT and security practices. There are plenty of malware out there that can either steal the keys or destroy them forever. And in case your computer runs into technical problems or you accidentally dispose of your hard drive, then you can say goodbye to your fortune.

Online wallets: the sweet spot

Online wallets are the sweet spot between exchanges and desktop wallets, giving you the perfect balance between convenience and security.

On the one hand, online wallets are accessible through browser applications and mobile apps and don’t require you to download an entire blockchain to send and receive cryptocurrency payments, making them easier to use than desktop wallets and accessible on all your devices. On the other hand, they don’t store private keys on their servers, making them impervious to data breaches and more secure than online exchanges.

However, online wallets come with their own considerations. They won’t provide you with the conversion of crypto and fiat currencies that you’ll find on crypto exchanges. Also, some online wallets do store private keys on their servers; make sure you avoid those.

Final verdict

Where to best store your cryptocurrencies depends on your trading needs, of course. You’ll probably still need an exchange account if you’re into margin trading or if you want to convert your funds. But take note that you shouldn’t use exchanges for the storage of large amounts of cryptocurrency.

If you’re an IT and security wonk, and don’t mind processing all your transactions from a laptop or desktop PC, a desktop or hardware wallet will be a secure and convenient option.

For most users, however, online wallets are the most convenient option. You’ll have control of your own privacy and security while also being able to easily receive and send cryptocurrencies for different purposes.

BTC.com offers an online wallet for web, iOS and Android. This wallet never stores your private keys, so you are the only one with access to your coins. Get your free wallet to buy, send, receive and store Bitcoin and Bitcoin Cash in a simple and secure way.